Virtual Geek

Tales from real IT system administrators world and non-production environment

VMware vCenter Esxi Add a Trusted Root Certificate to the Certificate Store

In this article I will add the Trusted Root certificate in vCenter Certificate store. Basically this will help to use your Certificate Authority root chain certificate (CA server) or third party certificates in your VMware vSphere infrastructure, If you are intending to use a trusted root certificate.

Here I will be using my CA certificate chain in my environment. I am on my CA server portal (Microsoft Active Directory Certificate services http://YourCAServer/certsrv). Click on the Download a CA certificate, certificate chain or CRL url.

MIcrosoft Active Directory Certificate services Authority ca certifficate root web enrollment.jpg adcs certificate authority vmca vmware vsphere vCenter vcsa esxi subordinate

On the next page, Click download CA certificate link. 

Microsoft Active Directory Certificate services der base 64 ssl install ca certificate download ca certification chain latest base crl csr vmware vsphere vcenter esxi management certificate.jpg

Now I have a Root CA certificate downloaded from my Certificate authority. On the VMware vSphere Client, click 3 horizontal bars at Top - left side, Go to Administration. Expand Certificates and choose Certificate Management. In the Trusted Root Certificates box click ADD link. Check the box for Start Root certificate push to vCenter Hosts (ESXi servers). Next Click Certificate Chain BROWSE button and select downloaded Root CA certificate (You can use CER, PEM or CRT file extension types). Open it and upload the certificate.

VMware vSPhere vCenter Esxi Certificate Management machine ssl certificates trusted root vmware certificate authority vmca root cert sts cert sts signing certificate mscs microsoft active directory ca.jpg

You will see a new box for added/uploaded in-house Root CA certificate or third party certificate. By clicking view details check the details information of Certificate.

Microsoft certificate authority root chain vmware vsphere vCenter esxi administration certificate management trusted root certificates information thumbprint common name ca server microsoft active directory revoke.jpg

Useful Articles
How to import default vCenter server appliance VMCA root certificate and refresh CA certificate on ESXi
How to replace default vCenter VMCA certificate with Microsoft CA signed certificate
Managing ESXi SSL certificate properties from vCenter server
Forward vCenter Server Appliance logs to syslog server
Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration
VMware vcenter 7.0 A problem occurred during setup Services might not be working as expected 63%
VMware UMDS curl_easy_perform() failed: cURL Error: SSL peer certificate or SSH remote key was not OK, SSL certificate problem: unable to get local issuer certificate

Go Back


Blog Search

Page Views


Follow me on Blogarama